Keylogging quietly capture all keystrokes and are generally used to take personal information, such as a password or credit card number. Lisa Bock explains the best defense is to protect against keylogging with techniques such as: use a firewall, employ anti-malware protection, and user account control.
- [Voiceover] Keylogging quietly captures all keystrokes and are generally used to take personal information, such as passwords or credit card numbers. Keyloggers can get into your system in several ways. All of these types of malware, such as viruses, worms, Trojans, or malicious software can attack your computer via email, file sharing, or even downloading a game. Keyloggers are hard to detect because their very goal is to steal data without being discovered.
Because data theft is at stake, they could do more damage then a virus. Let's look at some best practices. First of all, use a firewall. Understand that data that is logged and sent over the internet can be small, so you might not see a huge increase in bandwidth. When using a firewall, many times, egress filtering is used. Egress filtering will monitor outbound connection with the option of shutting down all inbound and outbound data completely.
Although we use the term "keystroke logger", it's actually a form of spyware. So, install and run anti-spyware and anti-malware protection. Windows User Account Control can help you stay in control of your system by letting you know when a program makes a change that requires administrator level permissions. When downloading and installing software, resist the urge to download any freeware. Stick to software from recognized vendors.
Consider switching browsers. There are browsers that are more security conscious, such as Chrome, Mozilla's Firefox, Safari, or Opera. Use a password to get into your system and run in limited-user mode as the default. This will protect your computer from keyloggers. Also, use the administrator account for any installations. Using good security practices will help protect against keylogging.
These tutorials, along with the other courses featured in the Ethical Hacking series, will prepare students to pass the Certified Ethical Hacker exam and start a career in this in-demand field. Find out more about the exam at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Acquiring passwords
- Generating rainbow tables
- Understanding where passwords are stored
- Defending against privilege escalation
- Understanding spyware
- Protecting against keylogging
- Detecting steganography
- How hackers cover their tracks